code-423n4 / 2021-05-visorfinance-findings


Possible wrong calculation of locked balance #54

Closed code423n4 closed 3 years ago

code423n4 commented 3 years ago

Handle

a_delamo

Vulnerability details

Impact

First, I am not sure if this is an actual implementation issue or the protocol should behave like this.

In Visor.sol, there is a getBalanceLocked function used for multiple calculations. Looking at the implementation, it seems that instead of summing all the locked amounts, it is looking for the biggest locked amount.

    function getBalanceLocked(address token)
        public
        view
        override
        returns (uint256 balance)
    {
        uint256 count = _lockSet.length();
        for (uint256 index; index < count; index++) {
            LockData storage _lockData = _locks[_lockSet.at(index)];

            if (_lockData.token == token && _lockData.balance > balance)
                balance = _lockData.balance;
        }
        return balance;
    }

Tools Used

None

ghost commented 3 years ago

sponsor disputed protocol should behave like this

ghoul-sol commented 3 years ago

It’s a feature so marking as invalid
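To make the two readings discussed in this thread concrete, here is an added example (not part of the issue or of the Visor code base) that models the quoted loop in Python next to a summing variant. The `delegate` field, the withdrawal guard and the sample locks are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Lock:
    delegate: str   # hypothetical field: who placed the lock (not shown on the page)
    token: str
    balance: int

def locked_max(locks, token):
    """Mirrors getBalanceLocked as quoted: the largest single lock on the token."""
    balance = 0
    for lock in locks:
        if lock.token == token and lock.balance > balance:
            balance = lock.balance
    return balance

def locked_sum(locks, token):
    """The alternative reading raised in the issue: the total of all locks."""
    return sum(lock.balance for lock in locks if lock.token == token)

def max_withdrawable(vault_balance, locked):
    """Assumed guard: a withdrawal must leave at least `locked` in the vault."""
    return max(vault_balance - locked, 0)

# Constructed sample: a vault holding 100 TKN with locks from two delegates.
LOCKS = [
    Lock("delegateA", "TKN", 60),
    Lock("delegateB", "TKN", 70),
    Lock("delegateA", "OTHER", 500),  # different token, must be ignored
]
VAULT_BALANCE = 100

def compare(locks=LOCKS, token="TKN", vault_balance=VAULT_BALANCE):
    """Return the locked and withdrawable amounts under both semantics."""
    by_max = locked_max(locks, token)
    by_sum = locked_sum(locks, token)
    return {
        "locked_max": by_max,
        "locked_sum": by_sum,
        "withdrawable_max": max_withdrawable(vault_balance, by_max),
        "withdrawable_sum": max_withdrawable(vault_balance, by_sum),
        # Under sum semantics the locks add up to more than the vault holds.
        "sum_exceeds_balance": by_sum > vault_balance,
    }

if __name__ == "__main__":
    for key, value in compare().items():
        print(f"{key}: {value}")
```

On this sample, the max reading treats the two locks as overlapping claims on the same tokens, while the sum reading treats them as stacking and ends up requiring more than the vault holds.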